This is the first of what will be a series of blog posts where we’ll put a quick spotlight on various aspects of DMA’s self-regulatory initiatives so that analytic professionals can become more knowledgeable of these guidelines and best practices, and be mindful of them in the course of their daily analytic work. In this first installment, we’ll begin with Article 32 of DMA’s Guidelines for Ethical Business Practice, which delves into the use of personal data.

Personal Data is defined by DMA as “data and selection criteria that by reasonable standards may be considered sensitive and or intimate” to the consumer. The underlying mandate to DMA members in Article 32, and a commitment to the consumer, is that “marketing data should only be used for marketing purposes”. This is one of the foundation pillars of DMA’s self regulatory efforts. The underlying intention of Article 32, which was written by fellow DMA members, is to establish an adherence standard for direct marketers where the handling of a consumer’s personal data must be done so with sensitivity, especially data which can reasonably be assumed to be intimate in nature. For example, this guideline would apply when working with consumer data records that include financial and personal account numbers. As analysts who are on the front lines using all types of data every day – to run reports, profile customers, and build predictive models — we have the responsibility to act as good stewards when handling consumers’ personal data. The goal in our work is to provide a marketing/analytic solution which best ensures that the most relevant offer is given to a consumer, at the right time, through their preferred channel, and in completing this work, to be mindful that no personal account information in data files we are working with has a chance to leave our shops.

When working with personal data in your analysis, ask yourself whether the outcome of your data processing will violate any implied consumer trust. Does the data processing pass your “gut test”, and if it were your own personal data would you be comfortable with how it was treated? If not, it becomes an opportunity to have a discussion within your company of the broader ramifications of the end use and standard handling and transmission of analytic files that include data such as financial account numbers..Article #32 provides a roadmap and template for data-driven marketers to do not just what is legal, but what is right – following the letter and spirit of the law. Specifically, this DMA self regulatory guideline states that these may certainly be used for record matching purposes but should not be transferred or sold.

A failure by marketers and analysts to adhere to the tenets of Article 32 risks jeopardizing our industry as a whole with the threat of looming regulatory legislation. The collection and use of this type of consumer data and its potential regulation is a prime focus right now in legislative chambers at both the state and federal levels. The eyes of legislators are upon us – and as analysts most of us work best when we’re not under the spotlight! Being aware of and abiding by DMA’s long-standing self regulatory mandates – by raising your hand to your management, or anonymously to the DMA, if an analytic assignment appears to involve transferring sensitive data in a way you are not comfortable with – will help to protect our industry’s continued access to the types of data we need to use to continue to make our livelihood in the future. And, we believe the guidelines we follow do maintain the consumer trust and confidence we hold and that this trust is of paramount importance to all marketers.